<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>

<%
         request.setCharacterEncoding("UTF-8");
%>
<%@ page import="java.sql.*" %>

<html>
<body >
<%
   try{
	    Class.forName("com.mysql.jdbc.Driver");
   }
   catch(Exception e){ out.print("faild");}//数据库的驱
   Connection con;
   ResultSet rs;
    String sql;
   String username=request.getParameter("username");
   String password=request.getParameter("password");
 
try{		
	String uri="jdbc:mysql://localhost:3306/sharing";

        Connection conn = DriverManager.getConnection(uri,"root","ZHUBI123.");
          
    PreparedStatement pstmt = null;// 数据库表达式
    sql = "select * from student where username='"+ username +"'and password='"+password+"'";// SQL语句
    pstmt = conn.prepareStatement(sql);
    if(conn==null){
       out.print("conn is null");
        }
    if(pstmt==null){
       out.print("pstmt is null");
        }

    
     rs = pstmt.executeQuery();
     if(rs.next())
	   {
		   request.getSession(true);//创建一个session
		   session.setMaxInactiveInterval(600);
		   session.setAttribute("username",username);
		   session.setAttribute("password",password);
		   session.setAttribute("userIP",request.getRemoteAddr());//获取用户的ip地址	   }
		   session.setAttribute("enter","true") ;
		   response.sendRedirect("MainForm.jsp");//登录成功
	   }else
		   response.sendRedirect("login.html");//登录失败 返回！
		   
}
catch(Exception e){
			   out.print("系统错误");
		   }


%>
 </body>
</html>

